Leveraging Open Source to Bootstrap Your Threat Intelligence Program

Starting a threat intelligence (TI) program doesn't have to be difficult and can be built up over time. We will survey different takes on "threat intelligence" and some of the open source tools available for collecting and using TI. We will discuss how to start consuming free and open-source feeds, how to put them to work in your environment, and tips for avoiding the near inevitable black eye when something gets blocked that is super-mission-critical-ZOMG-BRINGITBACKNOW. We will also discuss what we can do in the higher ed space to start producing our own threat intelligence and what our responsibilities ought to be when sharing data with the community. This presentation will be centered on the use of the Collective Intelligence Framework (CIF) for consuming and putting TI into action in your environment.

OUTCOMES: Learn about various takes on TI and open source tools for TI * Learn how to leverage free products to start "doing" TI * Understand common pitfalls and paths to "leveling up" your TI program